﻿using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Mvc.Filters;
using System;
using System.Collections.Generic;
using System.Text;
using System.Linq;
using Microsoft.AspNetCore.Http;

namespace ASmile.Web
{
    public class RolePageAuthorizeAttribute : RoleAuthorizeAttribute
    {
        public RolePageAuthorizeAttribute(bool isAuth = true)
        {
            IsAuth = isAuth;
        }

        protected override void AuthorizationHandle(AuthorizationFilterContext context)
        {
            var loginAuth = context.FindEffectivePolicy<UserAuthorizeAttribute>();

            var currRoleId = loginAuth.CurrUser?.RoleId;

            if (RoleIds?.Contains(currRoleId) == false)
            {
                //角色验证失败，返回403
                context.Result = new ContentResult() { Content = "authorization role fail for page", StatusCode = StatusCodes.Status403Forbidden };
                return;
            }
        }
    }
}